A recent post on a hacking forum has raised alarms about a potential data breach at Finastra, one of the world’s leading fintech companies.
The threat actor, using the alias “abyss0,” claimed responsibility for the breach, stating that 400 GB of compressed data had been exfiltrated from Finastra’s systems in November 2024.
The data is allegedly from Finastra’s Enterprise Service Bus (ESB) and was stolen using IBM Aspera, a high-speed file transfer tool.
Samples of the stolen data were reportedly shared to validate the claim, but there has been no official confirmation or denial from Finastra as of yet.
Details of the Alleged Breach
According to a post on HackManac, the breach involved sensitive data extracted from Finastra’s internal systems.

The alleged 400 GB of compressed data could potentially contain critical financial information, given Finastra’s role as a technology provider to over 9,000 financial institutions globally, including some of the world’s largest banks.
The hacker claims to have used IBM Aspera for exfiltrating the data, a tool known for its ability to transfer large files at high speeds.
This raises concerns about how long the attacker may have had access to Finastra’s systems before being detected.
The use of hacking forums to announce such breaches is a common tactic among cybercriminals seeking to sell stolen data or extort companies.
While it remains unclear whether any ransom demands have been made, this incident follows a pattern seen in previous attacks on fintech firms where sensitive customer information is targeted.
Previous Security Incidents at Finastra
This is not the first time Finastra has faced cybersecurity challenges. In March 2020, the company was hit by a ransomware attack that forced it to shut down several key servers.
At that time, Finastra’s security team detected anomalous activity and took immediate action by disconnecting affected servers from external networks
While no customer or employee data was confirmed to have been compromised during that incident, it highlighted vulnerabilities in Finastra’s infrastructure.
Finastra has since implemented additional security measures, but this latest breach claim suggests that threat actors may have found new ways to exploit weaknesses in its systems.
The alleged breach at Finastra underscores the growing cybersecurity threats facing financial institutions worldwide.
Also Read: